Adobe revokes all code signed since 10 July

By

Follows attack.

Adobe has revoked the code signing certificate for all code signed after 10 July this year following an attack it announced last week.


The software company was issuing updates signed using a new digital certificate for all affected products.

Microsoft malware protection centre lead security researcher Tanmay Ganacharya said it has been tracking the issue closely.

Telemetry showed the issue was not prevalent and was being used only in only highly targeted attacks.

Adobe senior engineering director Brad Arkin said Adobe was hit by an attack that impacted its digital certificate code signing infrastructure and led to at least two malicious utilities being signed.

Arkin said that the certificate runs on the Windows platform and three Adobe Air applications that run on both Windows and Macintosh. It has revoked all software code signed after 10th July 2012 and has decommissioned the existing Adobe code signing infrastructure.

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul

VicRoads to phase out passwords in favour of passkeys

VicRoads to phase out passwords in favour of passkeys

Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

Log In

  |  Forgot your password?